#
# {{ ansible_managed }}
#

options {
	listen-on port {{ named_conf_listen_port }} { {% for interface in named_conf_listen_iface -%}{{ interface }}; {% endfor -%} };

	directory		"{{ named_conf_dir }}";
	dump-file		"{{ named_conf_data_dir }}/cache_dump.db";
	statistics-file 	"{{ named_conf_data_dir }}/named_stats.txt";
	memstatistics-file	"{{ named_conf_data_dir }}/named_mem_stats.txt";

	allow-query		{ any; };
	recursion		{{ named_conf_recursion }};
{% if named_conf_recursion == "yes" %}
	allow-recursion		{ any; };
{% endif %}
{% if named_forwarders is defined %}
	forwarders { {% for forwarder in named_forwarders -%}{{ forwarder }}; {% endfor -%} };
{% endif %}
{% if named_conf_allow_axfr is defined %}
	allow-transfer		{ {% for ip in named_conf_allow_axfr -%}{{ ip }}; {% endfor -%} };
{% endif %}

{% if named_conf_slave is defined and named_conf_slave == true %}
	## Slave-specific config
	# Set these in case named_conf_soa vars are lower than the BIND default.
	# Forces refresh and retries at the specified intervals.
	min-refresh-time	{{ named_conf_soa_refresh }};
	max-refresh-time	{{ named_conf_soa_refresh }};
	min-retry-time		{{ named_conf_soa_retry }};
	max-retry-time		{{ named_conf_soa_retry }};
	notify			master-only;
{% endif %}
};

logging {
	channel			default_debug {
	file			"{{ named_conf_data_dir }}/named.run";
	severity		dynamic;
        };
};

# Dynamic DNS
{% for key, zone in named_domains.items() %}
{% if zone.dynamic == true %}
{% for domain, values in ddns_keys.items() %}
{% if key == domain %}
key "{{ key }}" {
	algorithm hmac-md5;
	secret "{{ values.secret }}";
};
{% endif %}
{% endfor %}
{% endif %}
{% endfor %}

# Forward zones
{% for key, zone in named_domains.items() %}
zone "{{ key }}" {
{% if named_conf_slave is defined and named_conf_slave == true %}
	type	slave;
	file	"{{ named_conf_dir }}/slaves/{{ key }}";
	masters	{ {{ named_conf_master }}; };
{% if zone.dynamic == true %}
	allow-update-forwarding { key "{{ key }}"; };
{% endif %}
{% else %}
	type	master;
	file	"{{ named_conf_zones_path }}/{{ key }}";
{% if zone.dynamic == true %}
	allow-update { key "{{ key }}"; };
{% endif %}
{% endif %}
};

{% endfor %}

# Reverse zones
{% for key, zone in named_domains.items() %}
{% if zone.reverse is defined and zone.reverse.0 is defined %}
{% for reverse in zone.reverse %}
{% if ansible_env._ == "/usr/bin/python3" %}
{% set octet1,octet2,octet3,_ = reverse.split('.') %}
{% else %}
{% set octet1,octet2,octet3 = reverse.split('.') %}
{% endif %}
zone "{{ octet3 }}.{{ octet2 }}.{{ octet1 }}.in-addr.arpa" {
{% if named_conf_slave is defined and named_conf_slave == true %}
	type	slave;
	file	"{{ named_conf_dir }}/slaves/{{ reverse }}";
	masters	{ {{ named_conf_master }}; };
{% else %}
	type	master;
	file	"{{ named_conf_zones_path }}/{{ reverse }}";
{% endif %}
};

{% endfor %}
{% endif %}
{% endfor %}
